Corporate Investment in Cybersecurity remains "minimal"
National Cyber Security Coordinator Urges Industry to Scale-up Investments in Cybersecurity amid AI-driven Attacks and Skills Shortage.
India faces significant cybersecurity challenges as it works to secure its rapidly expanding digital infrastructure, with 1.2 billion connected devices requiring robust protection. Speaking at FICCI’s CyberComm 2025, held in association with MEITY and the Department of Telecom, Lieutenant General M.U. Nair, National Cyber Security Coordinator, called for increased Corporate Cybersecurity Investment to address the growing risks. Despite India’s impressive 5G rollout, with 4.74 million base stations deployed since October 2022, Nair described current Enterprise Cybersecurity Investment levels as “minimal.”
He emphasized the need for a fundamental shift in corporate governance, urging industries to include cybersecurity professionals on their boards and mandate comprehensive Corporate Data Security disclosures in annual reports. Nair outlined a vision for industry-led collaborative centers to continuously monitor India's complex digital ecosystem. “We need a commercial model where sectoral centers of excellence provide continuous Cybersecurity Risk Management and protection,” he explained.
Suprakash Chaudhuri, Country Head -- Digital Industries, Siemens Ltd, and Co-Chair, FICCI Technology Committee, highlighted the substantial market opportunity in India's cybersecurity sector, projecting growth from USD 5.56 billion in 2025 to USD 12.9 billion by 2030 at a CAGR of 18.33%.
"Cyber-attacks are cheap, fast and highly profitable for perpetrators. Yet the impact they leave on businesses and governments is devastating," Chaudhuri warned delegates. He emphasised that cybersecurity has evolved beyond a technological challenge to become "a critical business imperative" that demands proactive threat detection, robust policy frameworks, and continuous workforce development.
The government has introduced policy measures, such as clarifying ministerial cybersecurity responsibilities and implementing a National Security Directive restricting telecom infrastructure to trusted sources. Similar measures are being considered for critical sectors like power. To tackle the shortage of cybersecurity professionals, new education initiatives include specialized BTech and MTech degrees in cybersecurity and integrating "cybersecurity capsules" into existing curricula.
Mandar Kulkarni, Microsoft’s National Security Officer, highlighted identity attacks as the leading threat, noting that simple measures like multi-factor authentication could prevent 99% of incidents. Meanwhile, Suprakash Chaudhuri of Siemens underscored the urgency of addressing Why Companies Underinvest in Cybersecurity. He projected India’s cybersecurity market to grow from USD 5.56 billion in 2025 to USD 12.9 billion by 2030, emphasizing that cybersecurity is now a “critical business imperative.”
As cyber threats grow in sophistication, India must adopt advanced solutions like AI-driven threat intelligence and foster cross-sector collaboration to protect its burgeoning digital economy.
